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ABSTRACT 





: We present the concept of leveraging Blockchain technology, for the management and security of information related to the Internet Of Things. Here, we put forth a 
model for the intercommunication of smart devices, their identity management and information security, with Blockchain posing as the backbone. The model proposes 
to serve as a robust and scalable solution, in order to address the security and identity concerns, arising due to the distributed nature of the Internet of Things. The 


proposed model is further compared to the existing ones in practice. 
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INTRODUCTION 

In today's world, there is an increasing demand to connect devices to the Internet. 
Studies and research estimate that, in the years to come, there would be a multi- 
tude of devices interconnected. With this happening, there arises the need for a 
stalwart mechanism to address the data storage and security concerns, pertaining 
to machine-to-machine communication. Solutions currently exist, which 
address these concerns by adopting a centralized architecture. However, there 
are some disadvantages of a centralized system. These include the risk of central 
point failure, lesser autonomy and high costs. In order to overcome these weak- 
nesses, we propose to put forth a decentralized architecture, using blockchain 
technology. A blockchain 1s atype of distributed ledger, comprising of unchange- 
able, digitally recorded data in packages called blocks. These digitally recorded 
"blocks" of data are stored in a linear chain. Each block in the chain contains data, 
which is cryptographically hashed. Blockchain technology discards the need of 
any third-party or central authority for peer-to-peer transactions. The security 
and verifiability of data and its transfer is achieved using mathematically 
designed cryptosystems. Moreover, in case of a decentralized system, the risk of 
central point failure is avoided and it is better able to withstand malicious attacks. 


METHOD OFSTUDY 

The Centralized Architecture 

The current IoT systems rely on the centralized, brokered communication model 
which is also known as the client-server paradigm. All the devices which are pres- 
ent in the IoT are identified and authenticated and connected through cloud serv- 
ers that support huge processing as well as storage capacities. The IoT systems 
depend on centralized trust brokers and protocols such as the SSL/TSL(Secure 
Sockets Layer/Transport Security Layer) or mechanisms such as thePublic Key 
Infrastructure(PK]) to identify the nodes in the network and control communica- 
tions. 


However, the rapid and chaotic growth of the IoT has also introduced several chal- 
lenges. Some of the drawbacks of a centralized architecture are as follows: 


e Single point of failure could bring down the entire system. 

¢ Theneed to have equipment with higher processing capabilities. 
¢ Lesser autonomy provided for branches or departments 

¢ Under-utilization of resources when running lower applications. 
¢ Inability to cater to localized requirements of the organization. 

¢ High initial set-up cost. 


Also, the diversity of ownership between devices and their supporting cloud 
infrastructure makes machine-to-machine (M2M) communications difficult. 
The centralized models also cause problems as the number of nodes in the net- 
work increase. The centralized servers also become a bottleneck and this central 
point of failure makes the IoT vulnerable to the attack known as the 'Denial Of 
Service attack' (DOS). 


Need for a Decentralized Architecture 

A decentralized approach to the IoT networking would solve many of the prob- 
lems. Adopting a standardized peer-to-peer communication model process will 
significantly reduce the cost associated with installing and maintaining large cen- 
tralized data centers and will distribute storage and computation needs. Thus, this 
will prevent failure in any single node in a network from bringing the entire net- 
work to a halting collapse. 


To perform the functions of traditional IoT solutions without a centralized con- 
trol, any decentralized approach must support three fundamental functions: 


¢ Peer-to-peer messaging 
¢ Distributed file sharing 
e Autonomous device co-ordination 


A decentralized technology such as the blockchain can be used in tracking bil- 
lions of devices connected in the IoT and enable co-ordination between the 
devices. This decentralized approach would eliminate single points of failures, 
thus creating a more resilient system for the devices to run on .The cryptographic 
algorithms used by the blockchains would make the consumer data more private. 


Securing IoT through Blockchain 

International Data Corporation (IDC) estimates that 90% of organizations that 
implement the IoT will suffer an IoT-based breach of back-end IT systems by the 
year 2017. 


Handling the enormous volume of existing and projected data is daunting. Man- 
aging the inevitable complexities of connecting to a seemingly unlimited list of 
devices is complicated. And the goal of turning the deluge of data into valuable 
actions seems impossible because of the many challenges. The existing security 
technologies will play a role in mitigating IoT risks but they are not enough. Busi- 
nesses will have to tailor security to each IoT deployment according to the unique 
capabilities of the devices involved and the risks associated with the networks 
connected to those devices. 


Blockchain attempts to address these growing security concerns in an elegant 
way. Blockchain is a database that maintains a continuously growing set of data 
records. It is distributed in nature, meaning that there is no master computer hold- 
ing the entire chain. Rather, the participating nodes have a copy of the chain. It is 
ever-growing — data records are only added to the chain. A blockchain comprises 
essentially of 2 main elements : 


e Transaction : The actions created by the participants of the system. 


¢ Blocks : They record transactions and ensure correct sequence and prevent 
tampering of data. They also maintain an audit ( timestamp ) when the trans- 
actions are added. 


Blockchain technology can be used in tracking multitude of connected devices, 
enable the processing of transactions and coordination between devices. This 
would ultimately lead to decreases costs, thereby increasing savings, eliminate 
single point failures and create a more resilient ecosystem for devices to run on. 
The cryptographic algorithms used by blockchains would make consumer data 
more private. The idea is to leverage the power of blockchain to treat message 
exchanges between the connected devices in the same way as financial transac- 
tions, which occur in the case of the bitcoin model, for which blockchain was orig- 
inally designed. 


The blockchain based model, would be used to register new devices, authenticate 
users, and perform various custom functions for devices. These functions would 
occur seamlessly and securely, without much risk of intrusion. The storage of 
information in a cryptographic format makes it hard for any kind of attack to 
occur on it. The blockchain would also serve as an abstraction to the information 
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being transacted. That is, the communicating device does not have a need to cus- 
tomize the information in any way, before pushing it to the blockchain. The 
blockchain,, on its part, would as well be totally unaware of the actual message 
incoming to or outgoing from it. 


Figure 1 proposes an algorithm to handle the intercommunication between 2 
devices talking to each other with blockchain as the underlying database. The 
concept lies in the fact that any device wanting to send a message to another, 
needs to include its identity address (such as, the IP address) as well as the target 
device's address. This would result in a new block being added to the blockchain. 
Thus, the data persisted as part of the block, by the chain would comprise of the 
following: 


¢ Source device address 

¢ Target device address 

¢ Message to be sent 

¢ Cryptographic hash value created on the basis of data contained within the 
block 


The cryptographic hash function, as said, would perform an encryption of an 
amalgamation of the data, contained within the block. The encryption used, for 
example, could be SHA-1.The encrypted result is persisted as part of extra infor- 
mation within the block. This result serves as the identity of the block as well as 
the identifier of the information within it. It also serves as a protection mecha- 
nism which will prevent tampering of data within the block. 


For instance, let us take that an intruder manages to get hold of a block in the 
chain. He illegally modifies data in the block ( let us take that modifies the IP 
address of the target device to point to his own ). Now, this would immediately 
result in a mismatch between the encrypted hash value and the encryption of the 
data contained within the block, which will invalidate the block, thus preventing 
any further attack from the intruder. 


RESULTS AND DISCUSSION 

Thus, we have shown the methodology to leverage the benefit of blockchain for 
the intercommunication between devices as well as the comparison between cen- 
tralized and decentralized systems, by way of the model presented. This has been 
done to address the challenges faced by the centralized nature of databases cur- 
rently in use for IoT. 


Comparison between Existing and Proposed Approach 


Table 1: Difference between Existing and Proposed architecture 


Existing Solution Proposed Solution 


Cloud, private vendor |Blockchain itself 
etc 


ansaction management |Trusted networks Pseudonymous, open 


Dependent on provider |Strong due to data 
encryption and algorithm 


Depends on efforts taken | Fairly immutable due to 
by provider longest chain rule 


Device Interaction through Blockchain 


Blockchain 
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Figure 1: Sequence diagram to show interaction between devices through 
blockchain 
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